Cryptology ePrint Archive: Report 2012/181

Modular Design and Analysis Framework for Multi-Factor Authentication and Key Exchange

Nils Fleischhacker and Mark Manulis and Amir Azodi

Abstract: Multi-Factor Authentication (MFA), often coupled with Key Exchange (KE), offers very strong protection for secure communication and has been recommended by many major governmental and industrial bodies for the use in highly sensitive applications. Instantiations of the MFA concept vary in practice and in the research literature and various efforts in designing secure MFA protocols were unsuccessful.

We present a modular approach to the design and analysis of arbitrary MFAKE protocols, in form of an $(\alpha,\beta,\gamma)$-MFAKE framework, that can accommodate multiple \emph{types} and \emph{quantities} of authentication factors, focusing on the three widely adopted categories that provide evidence of knowledge, possession, and physical presence. The framework comes with (i) a model for \emph{generalized MFAKE} that implies some known flavors of single- and multi-factor Authenticated Key Exchange (AKE), and (ii) generic and modular constructions of secure MFAKE protocols that can be tailored to the needs of a particular application.

Our generic $\mfake$ protocol is based on the new notion of \emph{tag-based MFA} that in turn implies tag-based versions of many existing single-factor authentication schemes. We show examples and discuss generic ways to obtain tag-based flavors of password-based, public key-based, and biometric-based authentication protocols.

By combining multiple single-factor tag-based authentication-only protocols with a single run of an Unauthenticated Key Exchange (UKE) we construct $\mfake$ that is superior to a na{\"i}ve black-box combination of single-factor AKE schemes.

Category / Keywords: cryptographic protocols / multi-factor authentication, framework, tag-based authentication

Date: received 4 Apr 2012, last revised 9 Apr 2013

Contact author: mark at manulis eu

Available format(s): PDF | BibTeX Citation

Note: Mostly some updates in Section 4.2.

Short URL: ia.cr/2012/181

[ Cryptology ePrint archive ]